AlliedWare Operating System

Transcription

1 Datasheet AlliedWare Operating System AlliedWare Layer 3 Fully Featured Operating System AlliedWare is ' feature-rich first generation operating system. It serves as the foundation for ' original Layer 3 switches and routers. AlliedWare includes the functionality, management capabilities and performance that today's networks demand. As a standards-based implementation, it also assures full interoperability with other major network equipment. Security SIF - Stateful Inspection Firewall state-of-the-art Stateful Inspection Firewall delivers the highest level of security possible by providing full application-layer awareness without breaking the client/server model. Stateful Inspection extracts the staterelated information required for security decisions from all application layers and maintains this information in dynamic state tables for evaluating subsequent connection attempts. It protects against a wide range of Denial of Service (DoS) attacks including Ping of Death, SYN/FIN flooding, Smurf attacks, port scans, fragment attacks and IP spoofing. alerts are automatically triggered when such attacks are detected.this provides a solution that is highly secure and offers maximum performance, scalability, and extensibility. Application Gateways - SMTP Proxy, HTTP Proxy The mail proxy inspects SMTP sessions as they pass through the firewall. By accepting or rejecting sessions based on source and destination address rules, abuse of servers is limited.typical forms of abuse include receipt of unwanted advertisements, spam, and unauthorized forwarding of mail.the Web proxy inspects and filters outbound HTTP sessions as they pass through the firewall.the proxy can inspect URLs and restrict cookie activity. Encryption Advanced Encryption Standard (AES) is an algorithm that replaces the Data Encryption Standard (DES) as the Federal Information Processing Standard for encrypting data. AES is different from DES and 3DES because it supports a longer key length and uses different routines to encrypt and decrypt data. Encryption algorithms with a long key length are more secure than those with a short key length x The IEEE 802.1x standard manages port-based network access. It provides authentication to devices attached to a LAN port, by initiating a connection or preventing access from that port if authentication fails.valuable for authenticating and controlling user traffic to a protected network, 802.1x is also effective for dynamically varying encryption keys x attaches the Extensible Authentication Protocol (EAP) to both wired and wireless LAN media, and supports multiple authentication methods, such as token cards, Kerberos, one-time passwords, certificates, and public key authentication. Routing is the next generation of the Internet Protocol (IP). It has primarily been developed to solve the problem of the eventual exhaustion of the IPv4 address space, but also offers other enhancements: Addresses are 16 Bytes long in contrast to IPv4 s 4 Byte addresses. Globally unique addresses with more levels of addressing hierarchy, to reduce the size of routing tables. Auto-configuration of addresses by hosts. Improved scalability of multicast routing, by adding a scope field to multicast addresses. A new type of address, the anycast address, which is used to send a packet to any one of a group of devices. Standard Features IP - Internet Protocol TCP - Transmission Control Protocol NTP - Network Time Protocol Trigger Facility Logging Facility Scripting Web (HTTP) Server and client SMTP - Simple Mail Transfer Protocol TFTP Client - Trivial File Transfer Protocol CLI - Command Line Interface DHCP - Dynamic Host Configuration Protocol SNMPv3 - Simple Network Management Protocol IGMP - Internet Group Management Protocol Static Routing RIP v1,v2 - Routing Information Protocol OSPF - Open Shortest Path First

2 - Border Gateway Protocol version 4 is an external gateway protocol which allows two routers/switches in different routing domains, known as Autonomous Systems to exchange routing information.this facilitates the forwarding of data across the border of the routing domains. allows routers/switches to learn multiple paths, choose the best path for routing information and install that path in the IP routing table. WAN Load Balancer The WAN load balancer enables the router to combine bandwidth from multiple WAN connections for increased throughput and redundancy.when a router simultaneously connects to multiple WANs, the WAN load balancer will distribute the traffic based on any one of a number of selectable balancing algorithms. A typical example would be a router that has two Internet connections each exchanging data to remote sites via different Internet providers. In this case an outage limited to one network will not result in a loss of connectivity to these sites. QoS - Quality of Service QoS intelligently manages network traffic to allow stable and predictable end-to-end network performance. Comprehensive, low latency QoS features operating at wire-speed provide flowbased traffic management with full classification, prioritization, traffic shaping and min/max bandwidth profiles. AlliedWare's QoS features are ideal for service providers wanting to ensure maximum availability of premium voice, video, and data services, and at the same time manage customer service level agreements. For enterprise customers, QoS protects productivity by guaranteeing performance of business-critical applications including VoIP services, and helps to restore and maintain responsiveness of enterprise applications in the networked workplace. Multicasting PIM - Protocol Independent Multicast PIM has two modes: Dense Mode (PIM-DM) and Sparse Mode (PIM-SM). PIM-DM relies on the presence of an existing unicast routing protocol to provide routing table data to build up information for the multicast forwarding database.this process is independent of the mechanisms of the specific unicast routing protocol. PIM-SM provides efficient communication between members of sparsely distributed groups - the type of groups that are most common in wide-area internetworks. PIM-SM limits multicast traffic so only those network devices interested in receiving traffic for a particular group receive that traffic. IGMPv2 - Internet Group Management Protocol IGMP is used between hosts and multicast routers and switches on a single physical network to establish hosts' membership in particular multicast groups. Multicast routers use this information, in conjunction with a multicast routing protocol, to support IP multicast forwarding across the Internet. Management GUI and SSL - Graphical User Interface and Secure Sockets Layer The GUI is a web-based management tool designed for intuitive, easy-to-use device configuration and monitoring. Its purpose is to make complicated tasks simpler and regularly performed tasks quicker. A GUI connection can be secured with the use of the SSL. SSL is a security protocol that provides secure communication by allowing the client to verify the servers identity before either side sends any sensitive information. SSL encrypts data to prevent a third party from interfering with the message. SSH - Secure Shell Secure management is increasingly important in modern networks, as easy, effective device management and the need for security are two almost universal requirements. SSH is a secure Telnet type access that provides strong authentication and secure communication over insecure channels. While Telnet sends commands over the network in plaintext, SSH sends them encrypted. With SSH, a client can safely log into another computer over a network, execute commands in a remote machine, or move files from one machine to another. Scripting The Scripting facility allows sequences of commands to be stored in a script and replayed at any time so that switches can be easily and quickly configured.this is useful when developing a complex configuration, making the same configuration change to several different devices or security appliances, or introducing a configuration change that must occur at a particular time. Scripts can be activated from the command line, from a trigger, or when users log in. Triggers A trigger sets off an ordered sequence of scripts and commands to be executed when a certain event occurs, providing a powerful mechanism for automating the execution of commands in response to certain events. For example, triggers can be configured to collect diagnostic information after a reboot. Each trigger may reference multiple scripts and any script can be used by any trigger. High Availability Link Aggregation Link aggregation (trunking) allows a number of individual switch ports to be combined, forming a single logical connection of higher bandwidth.this provides a higher performance link, and also provides redundancy for a more reliable and robust network. AlliedWare supports IEEE standard 802.3ad link aggregation, which can be configured manually, or automated via the use of Link Aggregation Control Protocol (LACP). LACP automatically detects multiple links between two LACP enabled devices and configures them to use their maximum possible bandwidth by automatically combining the links. VRRP - Virtual Router Redundancy Protocol VRRP provides automatic backup in mission-critical environments.this feature enables multiple routers or switches to share a virtual IP address that serves as the default LAN gateway. Should the master fail, the other devices assume the virtual IP address. LAN devices can continue to be configured with a single default gateway address, and because VRRP is a standard Internet protocol, full interoperability with other VRRP-supported products is assured. EPSR Ethernet Protection Switched Rings Ethernet Protection Switched Rings allow several switches to form a protected ring with sub 50ms failover.this feature is perfect for high performance at the core of enterprise or provider access networks. MSTP - Multiple Spanning Tree Protocol MSTP addresses the limitations in the existing spanning tree protocols, Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP). MSTP is similar to RSTP in that it provides loop resolution and rapid convergence. However it also has the significant extra advantage of making it possible to have different forwarding paths for different multiple spanning tree instances.this enables load balancing of network traffic across redundant links. Networks using multiple VLAN topologies that employ alternative physical links are supported by MSTP. MSTP also supports multiple spanning tree instances on any given link within a network and can group bridges into 'regions' that appear as a single bridge to other devices. Note: Features available on individual products are dependent on product hardware. For more information go to.

Data Networking and Architecture The course focuses on theoretical principles and practical implementation of selected Data Networking protocols and standards. Physical network architecture is described

Layer 3 Network + Dedicated Internet Connectivity Client: One of the IT Departments in a Northern State Customer's requirement: The customer wanted to establish CAN connectivity (Campus Area Network) for

Ensuring Information Availability Security - Ensuring Information Availability Introduction The advent of the Internet and the huge array of connected devices has led to an insatiable demand for access

Gigabit Content Security Router As becomes essential for business, the crucial solution to prevent your connection from failure is to have more than one connection. PLANET is the Gigabit Content Security

Case Study Ministry of Agriculture, France The Ministry of Agriculture and Fishing in France selects Allied Telesis for their new network solution in the central Paris offices, providing the strong network

Description "Charting the Course... Course Summary Interconnecting Cisco Networking Devices: Accelerated (CCNAX), is a course consisting of ICND1 and ICND2 content in its entirety, but with the content

SSVVP SIP School VVoIP Professional Certification Exam Objectives The SSVVP exam is designed to test your skills and knowledge on the basics of Networking, Voice over IP and Video over IP. Everything that

As Internet becomes essential for business, the crucial solution to prevent your Internet connection from failure is to have more than one connection. PLANET is a ideal to help the SMBs increase the broadband

Operation of IP Data Networks Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges and Hubs Select the components required to meet a given network specification

SSVP SIP School VoIP Professional Certification Exam Objectives The SSVP exam is designed to test your skills and knowledge on the basics of Networking and Voice over IP. Everything that you need to cover

How To configure WAN load balancing Introduction With the increasing use of the Internet to service core business functions comes the need for reliable WAN connectivity. A specific aspect of this requirement

The Benefits of Layer 3 Routing at the Network Edge Peter McNeil Product Marketing Manager L-com Global Connectivity Abstract This white paper covers where and when to employ Layer 3 routing at the edge

Networking 4 Voice and Video over IP (VVoIP) Course Objectives This course will give delegates a good understanding of LANs, WANs and VVoIP (Voice and Video over IP). It is aimed at those who want to move

Firewall Defaults, Public Server Rule, and Secondary WAN IP Address This quick start guide provides the firewall defaults and explains how to configure some basic firewall rules for the ProSafe Wireless-N

Cisco RV 120W Wireless-N VPN Firewall Take Basic Connectivity to a New Level The Cisco RV 120W Wireless-N VPN Firewall combines highly secure connectivity to the Internet as well as from other locations

Success Story Dyrehavsbakken Amusement Park Selects Allied Telesis as their supplier of a modern networking infrastructure across the whole site (Klampenborg, Copenhagen, Denmark). Dyrehavsbakken Amusement

AlliedWare TM OS How To Configure WAN Load Balancing Introduction With the increasing use of the Internet to service core business functions comes the need for reliable WAN connectivity. A specific aspect

Solutions Guide Solutions for LAN Protection Allied Telesis security features safeguard networks and mitigate attacks Introduction The increasing number of connected devices in today s networks has created

Enterprise Edge Communications Manager Data Capabilities Data Module Objectives After the completion of this module you will be able to describe the following Data components of the Enterprise Edge Communications

User s Manual Second Edition, July 2011 www.moxa.com/product 2011 Moxa Inc. All rights reserved. User s Manual The software described in this manual is furnished under a license agreement and may be used

200-101: Interconnecting Cisco Networking Devices Part 2 v2.0 (ICND2) Course Overview This course provides students with the knowledge and skills to successfully install, operate, and troubleshoot a small

A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based

5 CHAPTER This chapter describes how to set the firewall mode to routed or transparent, as well as how the firewall works in each firewall mode. This chapter also includes information about customizing

VXLAN: Scaling Data Center Capacity White Paper Virtual Extensible LAN (VXLAN) Overview This document provides an overview of how VXLAN works. It also provides criteria to help determine when and where

Network Security Total solution for your network security With the growth of the Internet, malicious attacks are happening every minute, and intruders are trying to access your network, using expensive

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding This chapter describes the configuration for the SSL VPN Tunnel Client and for Port Forwarding. When a remote user accesses the SSL VPN

Edgewater Routers User Guide For use with 8x8 Service Version 1.0, March 2011 Table of Contents EdgeMarc 200AE1-10 Router Overview...3 EdgeMarc 4550-15 Router Overview...4 Basic Setup of the 200AE1 and